<?php
include 'class.php';

$query_string = explode(".", $_POST['module']);

$user->get_user_perm($query_string[0]);

$search = array(
	"é","á","ű","ő","ú","ö","ü","ó",".","-"
);
$replace = array(
	"e","a","u","o","u","o","u","o","_","_"
);



include 'settings/db_'.$query_string[0].".php";

if ($module_db['multitable'])
{
	$module_db = $module_db[$_POST['multitable']];
}

$hiddenrow = $_POST['hiddenrow'];
$actionafternew = $_POST['actionafternew'];

foreach ($module_db['data'] as $value)
{
	if ( ($value['type']<>"hidden") && (!in_array($value['name'],$hiddenrow)) )
	{
		print $value['name']."<br>";
		$query[$value['name']] = $_POST[$value['name']];
	
		if ($value['type']=="text")
		{
			$query[$value['name']] = "'".$sql->escape($query[$value['name']] )."'";
		}
		
		if ($value['type']=="password")
		{
			if ($query[$value['name']]<>"")
			{
				$query[$value['name']] = "'".md5($query[$value['name']] )."'";
			}
			
		}
		
		if ($value['type']=="textarea")
		{
			$query[$value['name']] = "'".$sql->escape($query[$value['name']] )."'";
		}
		
		if ($value['type']=="checkbox")
		{
			if ($query[$value['name']]== "on" )
			{
				$query[$value['name']] = 1;
			}
			else
			{
				$query[$value['name']] = 0;
			}
		}
		
		if ($value['type']=="date")
		{
			if ($query[$value['name']]<>"" && $query[$value['name']]<>0 && $query[$value['name']]<>"0")
			{
				$date = explode("-", $query[$value['name']]);
				$query[$value['name']] = mktime(0,0,0,$date[1],$date[2],$date[0]);
			}
			else
			{
				$query[$value['name']] = 0;
			}
		}
		
		if ($value['type']=="select")
		{
			$query[$value['name']] = "'".$sql->escape($query[$value['name']] )."'";
		}
		
		if ($value['type']=="image")
		{
			if ($_POST[$value['name']."_imagefile"]<>"none")
			{
				$query[$value['name']] = "'".$_POST[$value['name']."_imagefile"]."'";	
			}
			else
			{
				if ($_FILES[$value['name']."_imageupload"]['error']==0)
				{
					$filename = $_FILES[$value['name']."_imageupload"]['name'];
					$fileextension = substr($filename, strrpos($filename, ".",-4));
					$filename = substr($filename, 0, strrpos($filename, ".",-4));
					
					$filename = str_replace($search, $replace, $filename);
					$filename = strtolower($filename.$fileextension);
					
					if (move_uploaded_file($_FILES[$value['name']."_imageupload"]['tmp_name'], IMAGE_FOLDER.$filename))
					{
						$query[$value['name']] = "'".$filename."'";
						$_SESSION['message']['highlight'][] = "A file feltöltés sikeresen megtörént az alábbi néven: ".$filename;
					}
					else
					{
						$_SESSION['message']['error'][] = "Nem sikerült áthelyezni a feltöltött képet!";
						$_SESSION['form'] = $_POST;
						$error = TRUE;
					}
				}
				else
				{
					$query[$value['name']] = "''";
				}
			}
		}
		
		if ($value['type']=="file")
		{
			if ($_POST['folder_type']<>"static")
			{
				$folder = $_POST['folder'][$_POST[$_POST['folder_type']]];
			}
			else
			{
				$folder = $_POST['folder'];
			}
			
			
			if ($_FILES[$value['name']]['error']==0)
			{
				$filename = $_FILES[$value['name']]['name'];
				$fileextension = substr($filename, strrpos($filename, ".",-4));
				$filename = substr($filename, 0, strrpos($filename, ".",-4));
				
				$filename = str_replace($search, $replace, $filename);
				$filename = strtolower($filename.$fileextension);
				
				if (is_file($folder.$filename))
				{
					$filename = time().$fileextension;
				}
				
				if (move_uploaded_file($_FILES[$value['name']]['tmp_name'], $folder.$filename))
				{
					$query[$value['name']] = "'".$filename."'";
					$_SESSION['message']['highlight'][] = "A file feltöltés sikeresen megtörént az alábbi néven: ".$filename;
				}
				else
				{
					$_SESSION['message']['error'][] = "Nem sikerült áthelyezni a feltöltött képet!";
					$_SESSION['form'] = $_POST;
					$error = TRUE;
				}
			}
			else
			{
				unset($query[$value['name']]);
			}
		}
	}
}


// ha nincsen hiba, jöhet a db mentés
if ($error !== TRUE)
{
	if ($_POST['action']=="add")
	{
		if ($insertid = $sql->mysql_insert($module_db['table_name'], $query))
		$_SESSION['message']['highlight'][] = "Adatok sikeresen hozzáadva az adatbázishoz!";
		
		foreach ($actionafternew as $action)
		{
			include 'settings/'.$action.'_class.php';
			include 'modules/'.$action.'/'.$action.'.php';
		}
	}
	
	if ($_POST['action']=="edit")
	{
		$id = (int)$_POST['id'];
		if ($sql->mysql_update($module_db['table_name'], $query,$module_db['id']." = ".$id))
		$_SESSION['message']['highlight'][] = "Adatok sikeresen módosítva lettek az adatbázisban!";
	}
	
}

header("Location: index.php?".$_POST['module']);
?>